Ospf Authentication, Backbone and Area, 135 | D-Link DES-3326S

DES-3326S Layer 3 Fast Ethernet Switch User’s Guide

OSPF Authentication

OSPF packets can be authenticated as coming from trusted routers by the use of predefined passwords. The default for routers is to use not authentication.

There are two other authentication methods − simple password authentication (key) and Message Digest authentication (MD-5).

Simple Password Authentication

A password (or key) can be configured on a per-area basis. Routers in the same area that participate in the routing domain must be configured with the same key. This method is possibly vulnerable to passive attacks where a link analyzer is used to obtain the password.

Message Digest Authentication (MD-5)

MD-5 authentication is a cryptographic method. A key and a key-ID are configured on each router. The router then uses an algorithm to generate a mathematical “message digest” that is derived from the OSPF packet, the key and the key-ID. This message digest (a number) is then appended to the packet. The key is not exchanged over the wire and a non-decreasing sequence number is included to prevent replay attacks.

The Backbone and Area 0

OSPF limits the number of link-state updates required between routers by defining areas within which a given router operates. When more than one area is configured, one area is designated as area 0 − also called the backbone.

The backbone is at the center of all other areas − all areas of the network have a physical (or virtual) connection to the

Switch Management and Operating Concepts

135

Image 135

D-Link DES-3326S manual Ospf Authentication, Simple Password Authentication, Message Digest Authentication MD-5, 135

Contents

DES-3326S Wichtige Sicherheitshinweise Page Hardware Warranties Exclusive Software Page Link Offices for Registration and Warranty Service TrademarksCopyright Statement Viii FCC WarningCE Mark Warning Vcci Warning Bsmi Warning Table of Contents Snmp Using WEB-BASED Management Xii Introduction Layer 3 Switching Introduction Functions of a Layer 3 Switch Ports FeaturesPerformance Features Layer 2 Features DES-3326S Layer 3 Fast Ethernet Switch User’s Guide Layer 3 Switch Features Management Traffic Classification and Prioritization Supports Web-based management Fast Ethernet Technology Switch Stacking Gigabit Ethernet Technology Unpacking Unpacking and Setup Desktop or Shelf Installation Installation Installing rubber feet for desktop installation Rack Installation 2B. Installing the switch on an equipment rack Power on Power Failure Front Panel Identifying External Components Rear Panel Rear panel view of the Switch Optional Plug-in Modules Side Panels 1000BASE-T Module 100BASE-FX Fiber Module 2Km/15Km 62.5 ∝m 1000BASE-SX Fiber Module BASE-LX two-port module 1000BASE-LX Fiber Module Stacking Module with Gbic Port Gbic Two-Port Module Stacking Port Gbic Port 11. Up to 6 Switches in a Switch Stack Stacking Module LED Indicators Switch LED Indicators 13. Stacking Module LED Indicators Switch to End Node Connecting Switch Switch connected to an End Node Switch to Hub or Switch Switch Stack Connections 10BASE-T Device Switch Stack connections between optional stacking Modules 100BASE-TX Device Local Console Management Switch Management Operating Concepts Diagnostic console port RS-232 DCE Managing Switch Stacks Switch Stack Order − First Determining the Switch Stack Order 2original Master 001122334450 Console Boot Screen Switch IP Address Traps Setting an IP Address Switch Management and Operating Concepts Snmp performs the following functions Snmp Traps Authentication DES-3326S Layer 3 Fast Ethernet Switch User’s Guide Link Change Event This trap is sent MIBs Packet Forwarding MAC Address Aging Time Filtering Some filtering is done automatically by the switch Spanning Tree Parameter Description Default Value Variable Description Default Value Bridge Protocol Data Units Creating a Stable STP Topology Port transitions from one state to another as follows STP Port States STP Port State Transitions User-Changeable STA Parameters Feature Default Value DES-3326S Layer 3 Fast Ethernet Switch User’s Guide Illustration of STP Before Applying the STA Rules After Applying the STA Rules Link Aggregation Link Aggregation Group VLANs Defaultvlan Ieee 802.1Q VLANs 802.1Q Vlan Packet ForwardingSome relevant terms Ieee 802.1Q Packet Forwarding 802.1Q Vlan Tags Ieee 802.1Q Tag Adding an Ieee 802.1Q Tag Port Vlan ID Switch Management and Operating Concepts Ingress Filtering Tagging and Untagging VLANs in Layer 2 Only Mode Layer 3-Based VLANs IP Addressing and SubnettingDefinitions IP Addresses 255 Binary to Decimal Conversion Address Classes Subnet Masking Calculating the Number of Subnets and Nodes Classless InterDomain Routing Cidr Class a Subnet Masks 10. Class B Subnet Masks Setting up IP Interfaces 12. Vlan Example Assigned Ports Internet Protocols OSI Seven Layer Network Model Protocol Layering Protocol Stack Layer Layer TCP/IP DES-3326S Layer 3 Fast Ethernet Switch User’s Guide TCP Packet Headers 10. TCP Packet Header Switch Management and Operating Concepts 100 Ethernet 101 12. Ethernet Packet Header 102 TCP and UDP Well-Known Ports 103 UDP and Icmp 104 13. Ethernet Packet Header 105 Domain Name ResolutionDomain Name System Mapping Domain Names to Addresses 106 Dhcp Servers 107 IP Routing 108 Packet Fragmentation and Reassembly 109 ARP Multicasting Multicast Groups110 111 Address Assignment 112 Internet Group Management Protocol Igmp 113 Igmp Versions 1 114 14. Igmp Type Codes 115 Multicast Routing Algorithms Flooding Multicast Spanning Trees116 117 Reverse Path Broadcasting RPB 118 Reverse Path Multicasting RPM Multicast Routing Protocols Distance Vector Multicast Routing Protocol Dvmrp119 120 Protocol-Independent Multicast Dense ModeRouting Protocols Routing Information Protocol RIP 121 122 RIP Version 1 Message Format 123 17. RIP v.1 Message Format 124 RIP 1 Message 125 RIP 1 Route InterpretationRIP Version 2 Extensions RIP2 Message Format 126 Open Shortest Path First Ospf 127 Link-State Algorithm 128 Shortest Path Algorithm Ospf Cost Shortest Path Tree129 130 19. Constructing a Shortest Path Tree 131 20. Constructing a Shortest Path Tree 132 Areas and Border Routers 133 Link-State Packets 134 Backbone and Area Ospf AuthenticationSimple Password Authentication Message Digest Authentication MD-5 136 Virtual LinksAreas Not Physically Connected to Area Partitioning the Backbone 137 Neighbors 138 AdjacenciesDesignated Router Election Building Adjacency 139 Adjacencies on Point-to-Point Interfaces Ospf Packet Formats140 Ospf Packet Header Field Description141 142 143 Hello Packet 144 Hello Packet 145 BDR 146 Database Description Packet 147 18. Database Description Packet 148 Link-State Request Packet 149 Link-State Update Packet 150 Link-State Acknowledgment Packet 151 Link-State Advertisement Formats 152 Link State Advertisement Header 153 Link-State Advertisement Header 154 155 Router Links Advertisements 156 Routers Links Advertisements 157 FieldDescription 158 159 160 Network Links Advertisements 161 Network Link Advertisements 162 Summary Link Advertisements 163 31. Summary Link Advertisement 164 Autonomous Systems External Link Advertisements 165 AS External Link Advertisements 166 167 Introduction Before You Start General Deployment Strategy168 169 Vlan Layout 170 Assigning IP Network Addresses and Subnet Masks to VLANs Defining Static Routes That opens, click on the Login to DES-3326S Manager buttonGetting Started Management Configuring the Switch User Accounts Management172 173 User Accounts Control Table 174 Admin and User Privileges Configuration Mana Gement Admin User Saving Changes175 176 Save Changes Screen 177 Factory Reset 178 Setting Up Web Management 179 Ipaddress xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy 180 Saving Configuration Changes 181 Starting and Stopping the Web-based Manager 182 Web-based Manager’s User Interface 183 Areas of the User Interface 184 Area Function Click the Switch Information link in the Configuration menu Setting Up The SwitchBasic Setup Switch Information 186 10. Switch Information Basic Settings IP Address Configuring the Switch’s IP Address To set the switch’s IP address187 188 11. Basic Switch Setup Up. The Bootp protocol allows IP New Switch IP Settings options areSwitch will send out a Bootp Broadcast request when it is powered 190 Manual 191 Default GatewayVlan Name Management Station IP Addresses Snmp Settings To setup the switch for remote management192 193 Configuring Community Strings 194 Setting Up Trap Receivers 195 Stacking Information 196 15. Switch Stack Display 197 17. Stacking Information 198 Show stacking mode/version 199 19. Console CLI show stack Command 200 Config stacking mode slave Config stacking mode master201 202 Configure Ports 203 22. Port Configurations − Edit Locking a Port’s MAC Address Learning Speed/Duplex Toggle the Speed/Duplex Auto field204 205 Serial Port Settings Baud Rate Data Bits206 Stop Bits Auto-Logout207 208 Advanced SetupConfiguring VLANs To create a new 802.1Q Vlan 209 To create a new 802.1Q VLAN, click the New button 210 26 .1Q Static VLANs Entry Settings Edit Egress PortTagged/Untagged Untagged 212 213 Ingress Filter 214 To enable or disable GVRP, globally, on the switch 215 Layer 3 IP Networking 216 To setup IP Interfaces on the switch To setup an new IP interface, click the New button To edit an existing IP interface, click on the Edit button217 Interface Name IP Address218 Active Yes Setup the Routing Information Protocol RIPSwitch Subnet Mask 220 32. RIP Status TX Mode Disabled RX Mode221 222 MD5 Key Table Configuration Key ID Key223 224 Setup Ospf 225 Ospf Area SettingCurrent Route ID AS Border Router State Type Default Cost Stub ImportStub Default Cost Area ID Ospf Interface Configuration Remove227 Router Priority Hello Interval228 Auth Type Simple229 Metric Ospf Interface Configuration − MonitorKey Configuration Auth Key 231 Virtual Interface Configuration Neighbor Router Status232 233 Area Aggregation Configuration 234 Route Redistribution Settings Metric Type Source ProtocolDestination Protocol 236 237 IP Multicasting 238 Igmp Snooping SettingsTo configure Igmp Snooping State Disabled Robustness Var Igmp Interface ConfigurationQuery Max Response 240 46. Igmp Interface Setup Version Query Interval241 Robustness Dvmrp Interface ConfigurationMax Response Time 243 49. Dvmrp Interface Configuration − Edit 244 InterfaceName System Probe Interval Metric PIM-DM SettingsNeighbor Timeout Interval State Disabled 246 50. PIM-DM Interface Configuration 247 51. PIM-DM Interface Configuration − Edit 248 Static Router Port SettingsJoin/Prune Interval 249 To setup a static router port 250 53. Static Router Port Settings − Add To configure a port for port mirroring Port Mirroring251 Source Port Direction Ingress252 To configure a forwarding priority for a given MAC address Priority253 254 56. MAC Address Priority − Add 255 MAC AddressUser Priority Source/Destinatio 256 IP Address Filtering 257 0.0 258 259 Forwarding 260 Unicast MAC Address Forwarding 261 63. Unicast MAC Address Settings − Add Multicast MAC Address Forwarding Unit262 263 65. Multicast MAC Address Settings 264 None 265 IP Forwarding To add a new static/default route, click the New button Gateway IP266 Static ARP To add a new static ARP entry, click the New button267 268 STP Switch Settings 269 72. STP Switch Settings 270 271 STP Port Settings 272 73. STP Port Settings Cost Priority273 274 275 74. Link Aggregation 276 Following fields can be set Port Member Update Firmware from ServerUtilities Tftp Utilities 278 77. Download Firmware from Server 279 Use Configuration File on Server Save Settings To Server Save History Log to Server280 281 Utilities BOOTP/DHCP Relay 282 Bootp Hops Count LimitRelay Status Relay Time Threshold 283 To add a new entry, click the New button To configure DNS Relay, click on the DNS Relay link DNS Relay284 285 Above To add a new entry to the table, click on the New buttonAddress The IP address of the domain name 0.0 Network Monitoring Port Utilization287 288 87. Port Utilization window Port Error Statistics Update289 290 88. Port Error Packet Statistics window Undersize Update IntervalCRC Error RX Frames Late Collision Drop PacketsTX Frames Excessive Deferral 293 Port Packet Analysis Frames/sec Multicast RX FramesFrames/sec Unicast RX Total/sec MAC Address TableTotal/sec TX Bytes Total/sec TX Frames 296 IP Address Table 297 298 91. IP Address Table Routing Table 300 Netmask To view the switch’s ARP table, click on the ARP Table link ARP Table301 302 93. ARP Table Ospf Link State Database Table Area ID Displays the Ospf Area ID303 304 Sequence Ospf Neighbor Table Priorityrouter305 Ospf Virtual Neighbor Table 307 Dvmrp Neighbor Address Table Expire Gvrp StatusLearned Name Router Ports Igmp Snooping Status309 310 100. Igmp Snooping Table 311 IP Multicast Forwarding Table Igmp Group Table Protocol Routing protocol in use312 Dvmrp Routing Table Querier IP313 314 Switch HistoryTo view the switch history log Click the Switch History link on the Applications menu 315 104. Switch History 316 Technical Specifications 317 Physical and Environmental EMI 318 319 Understanding Troubleshooting Spanning Tree Protocol Port in the blocking state does the following Blocking State 321 Port in the listening state does the following Listening State 323 Port in the learning state does the following Learning State 325 Port in the forwarding state does the following Forwarding State 327 Disabled port does the following Disabled State 329 Spanning Tree Protocol Failure Troubleshooting STP 331 Full/Half Duplex Mismatch Unidirectional Link 333 Packet Corruption Resource Errors Know which links are redundant Know where the root is locatedIdentifying a Data Loop Avoiding Trouble Minimize the number of ports in the blocking state 337 Understanding and Troubleshooting the Spanning Tree Protocol 339 Impact of Layer 3 Switching Understanding and Troubleshooting the Spanning Tree Protocol 341 Brief Review Bitwise Logical Operations Not Index Spanning Tree Protocol Vlan Offices Registration Card